Proof of a conjecture about rotation symmetric functions * 
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Abstract 



Rotation symmetric Boolean functions have important applications in the design of 
cryptographic algorithms. We prove the conjecture about rotation symmetric Boolean 
functions (RSBFs) of degree 3 proposed in Q] , thus the nonlinearity of such kind of func- 
tions are determined. 
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1 Introduction 

u 



A Boolean function f n (xo,--- ,x n -i) on n variables is a map from F 2 to F2, where F 2 is 
the vector space of dimension n over the two element field F2. Rotation symmetric Boolean 
functions (Abbr. RSBFs) are a special kind of Boolean functions with properties that its 
evaluations on every cyclic inputs are the same, thus could be used as components to achieve 
efficient implementation in the design of a message digest algorithm in cryptography, such as 
■ MD4, MD5. These functions have attracted attentions in these years (see [2-7]). One of the main 

■"sj" , focus is the nonlinearity of these kind functions (see [6j[7]). It is known that a hashing algorithm 

0^ ' employing degree-two RSBFs as components cannot resist the linear and differential attacks 

([!]). Hence, it is necessary to use higher degree RSBFs with higher nonlinearity to protect 
the cryptography algorithm from differential attack. Cusick and Stanica ([T]) investigated 
the weight of a kind of 3-degree RSBFs and proposed a conjecture based on their numerical 
observations. 



Conjecture 1.1 The nonlinearity ofFg(x Q ,--- ,x n -i) = J2 x i x i+i(mod n)%i+2{mod «) is 

0<i<n-l 

the same as its weight. 

As claimed in [T] that if the above Conjecture could be proved, then significant progress 
for fc-degree (k > 3) RSBFs might be possible. Recently Ciungu [5] proved the conjecture in 
the case 3|n. In this paper, we factor F£ into four sub-functions, discover some recurrence 
relations, and thus prove the above Conjecture. The sub-functions and related recurrence are 
different from Cusick'sjT]. The technique used in this paper may be applied for the study of 
RSBFs of degree k > 3. 

We define two vectors e\ = (1, 0, • • • , 0) e F 2 for every n > 1, e 2 «-i = (0, 0, • • • , 0, 1) £ F 2 , 
and abuse = (0, • • • , 0) to represent the zero vector in vector spaces F 2 of every dimension for 
simpleness. By x n and c" we mean the abbr. forms of vectors (xq, • • • , x n -\) and (co, • • • , Cn—i) 
in F 2 . A linear function is of the form c™ • x n , where • is the vector dot product. The weight of 
a Boolean function f n (x n ) is the number of solutions x n € F 2 such that f n (x n ) — 1, denoted 
by wt(f n ). The distance d(f n ,g n ) between two Boolean functions /" and g n is defined to be 
wt(f n +g n ). 

Now we list some basic definitions about Boolean functions. 
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Definition 1.2 A Boolean function f n (x n ), is called rotation symmetric if 

f n (x ,--- ,x n -x) = f n (x n -x,x ,Xx,--- ,x n - 2 ), for all (x ,--- ,x n -i) € F£ . 

Definition 1.3 For a Boolean function f n (x n ), the Fourier transform of /" at c n G F 2 is 

defined as 

/™( c ") = X) (-l) /n(!BB)+cn ' !,,B . 

By the definition of Fourier transform, it is easy to see that 
Lemma 1.4 For all (cq, ■ ■ • , c„_i) 6 

F 3 "(c , • • • ,c n _i) = F 3 n (c„_i,c , • • • ,c„_ 2 ). 
Definition 1.5 The nonlinearity Nfn of a Boolean function f n (x n ), is defined as 

Nfn = Mm {d(f n {x n ),c n ■ x n )\c n G F™}. 
By Definition 11.51 it is not difficult to deduce that for all f n (x n ), 

fr(0) = 2 n -2- wt(f n (x n )). 
Hence we can restate the above Conjecture as 

F} (0) = Max{\Ff (c")| |c"€F2}. 

2 The proof of the Conjecture 

To prove the above Conjecture, we factor F£ into 4 sub-functions. Let t n — ^2 

0<i<n-3 

and 

fo(xo, • • • j x n — i) = t n , 
fi(xo, • • • , x n -i) = t n + XoXl, 
fzixo,'" ,x n -i) = t n +X n - 2 X n -i, 

/3 1 (X , • ■ • , In-l) = *n + XqXi + X n - 2 X n -l + %0 + £n-l- 

Then we have 

I D ,"-,I„_1 Io,"',lE-3 0<i<3 

Lemma 2.1 For ewer?/ c™ = (cq, • • • ,c„_i) € F^, if c n -\ — ; tten 



(1) 



= 2(ir 2 ( C - 2 ) + (-i) c — ■ jr v~ 3 )), 

(c") = 2(/g(c"- 2 ) + • /p^ 3 )), 

#(c») = 2(/p(c"- 2 ) + (-l) c -+ c - • ip 3 (c- 3 + e 2 „- 4 )), 
/ 3 "( C ") = 2(-l) c "-./p( C "- 3 + ei ), 



(2) 



w/iere c n -' 2 G F™ -2 and c"" 3 G F 2 '~ 3 are Me /?rst n - 2 and n - 3 6iis of c" G F^, and 
ei = (1,Q,--' ,0),e 2 „-4 =(0,-.- ,0,1) G F^ 



■n— 3 



Proof. We prove the first relation, proof of the other three ones are similar. Because 
c„_i = 0, we have 



2 



/o"(c") 

_ j2 (^-iyo( x ")+ c "- xn + j2 (-i)/o"( a; ")+ c "- :E " 

x n :x n -i—Q x n :x n -i—l 
= E (-l) / o"~ 1 ( a: "~ 1 )+ c "~ 1 - a: '*~ 1 + J] (_ 1 )/ n - 1 (x n - 1 )+x„_ 3 x n _ 2 +c' l - :L -x"- 1 

a:" -1 :a; Tl _2— x n ~ 1 :x n -2 — 

+ ^ (_l)/o Tl_1 (^"" 1 )+c T1 " 1 ^"" 1 _|_ ^ ( ^_ 1 ^/ ri - 1 ( a; Tl - 1 )+ a : n _3a ;Tl -2+c n - 1 - a : 

a: ri_1 :a: r( ,_2 — 1 x n ~ 1 :x n -2 — 1 

= E (-lyo" -2 ^ 2 ^" -2 -^ 2 + x (_i)/<r 2 (z"~ 2 )+c"~ 2 -z"~ 2 

_|_ ^2 ( — iy'o~ 2 ( xn ~ 2 )+ cn ~ 2 - xn ~ 2 + X 'n-4X n -3+C n „2 
x n-2 

_|_ ^ (_X) / o"~ 2t:rn ~ 2 ^ +cT1 ~ 2 ' :rn ~ 2+a;T1 - 4:rn - 3+:CTl - 3+CTl - 2 

= 2 . ./rv- 2 ) 

•X™ 2 +X„-4X„_3 + C„_2 
■X™~ 2 +X„-4X„_3 + C„_2 
■X™~ 2 +X„_4Xn-3 + X„_3 + C„_2 



+ E (-i) /o "~ {x "~ )+c 
+ 2 E (-i)^" 3 ^""^ 
+ 2 E (-i) / o n " 3 (^ n " 3 )+ c 

x n-3 

_l_ ^ (_iy "~'V™- 3 )+c™- 3 -x™- 3 +x„_ 5 x„_4+x„_4+c„-3+c„-2+i 

jr^^ 3 ^ 

■n-2 ( „ n -2\ i o . Ll\c»-2 . f™~3/ „n-3\ 



+ E (- 


-l)/o" 


- 2 (x— 2 )+c' 


x n 2 :a: ri _3— 






+ E (- 


-l)/o n 


- 2 (x— 2 )+c" 


x n 2 :x n -s — 1 






+ E (- 


-l)/o n 


- 2 (x— 2 )+c ; 


x"- 2 :x„_ 3 =0 






+ E (- 


-l)/o n 


- 2 (x"- 2 )+c' 


x"- 2 :x„_ 3 = l 






•iP(c"- 2 ) 







2 • f^(c n - 2 ) + 2 • (-l) c - 2 • / "- J (c"- J ) 



_|_ ^ (-l)/o (x"" J )+c"- J -x"- 3 +a;„_5X„_4+x„_4+c„-3+c„-2 

_ ^ (-l)^" -3 ^" ^+ <: " _3 ' I ™ _3+x "- 5:c "- 4 + I "- 4 + c "- 3 + c "- 2 

x n ~~ 3 

2 • ip 2 (c"- 2 ) + 2 • (-!)<=»-' ■ ip(c"- 3 ). 



Lemma 2.2 For every c n = (co, • • ■ , c„_i) € F£ , «/ c„_i = 1, then for i = 0, 2, 

/f(c") =.g2( C "- 1 )±2.^ 4 ( C «- 4 )), 

or = /^(c- 1 ) ± 2 ■ ^ 4 (c"- 4 ) ± 4 • g(c"- 5 ), 

or = tf-V" 1 ) ± 2 ■ ./p 4 (c"- 4 ) ± 4 • /p 5 (c"" 5 + e 2 „_ a ), 

and /or i = 1, 

ff(c n ) =/P(c"- 1 )±2./£ 4 ( C «- 4 ), 

or = /r _1 (c n_1 ) ± 2 • /P 3 ^"- 4 ) ± 4 • ./^(c"- 5 ), 

or = /rV" 1 ) ± 2 • ,/P(c"- 4 ) ± 4 • ./p 5 (c"- 5 + ex), 
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and for i = 3, 



/f(c«) 


rn- 

— J I 


-l (c „-l_ 


hex) 


±2 


rn- 
JjL_ 


-4/^-4 _ 


hex), 






or 


rn- 

— Jl_ 




Hei) 


±2 


rn- 

Jl_ 


-4^n-4 _ 


hex) ±4 


/PV~ 5 + ex), 


(5) 


or 


rn- 

— Jl 


^(c™- 1 - 


hex) 


±2 


rn- 

Jl 


^4^ c n-4 _ 


hex) ±4 







where ■ 



g f: 



n— X „n— 4 



gF 



n — 4 



and i 



G Fj 5 are tfte /irs£ n — 1 , n — 4 and n — 5 &«is 



o/ c" G F™, and e x = (1, 0, ■ • • , 0), e 2 „- 6 = (0, 



,0,1) G F 2 l ~ 5 . 



Proof. We briefly prove the relations for fff, f£ 
Because c„_i = 1, we have 



/o n (c") 

a: 71 la^n- 1— x n :x n — i — l 

= /P(c"- 1 )+ £ (-i) 50 "- 4 . 

0<j<7 



(6) 



where gQj A (x , ■ ■ 

1,J = ^n-4 + 2x n _3 



x rl _5) are functions corresponding to fQ l (x n )+c n -x n where c„_x = 1, £n-i — 
4x„_2- Calculate these functions in details in Table [T] 



j '■ ( x n-4i x n—2) 


n-i 


(0,0,0) 


/ n ~ 4 + c™- 4 • x n - A + 1 


(1,0,0) 


Jo 1 " 4 + C n - 4 ■ X n ' 4 + X n - 6 X n - 5 + C„_4 + 1 


(0,1,0) 


+ c „_ 4 . x «-4 + Cn _ 3 + j 


(0,0,1) 


/o"" 4 + C"- 4 • .T"- 4 + C„_ 2 + 1 


(1,1,0) 


/o ~ 4 + C n ~ 4 • X n ~ 4 + X n - 6 X n - 5 + X„_5 + C„_ 4 + C„_ 3 + 1 


(1,0,1) 


/ n " 4 + C"- 4 • X n - 4 + X n - 6 X n -S + C n -4 + C„_ 2 + 1 


(0,1,1) 


yrn-4 + c „-4 . ,n-4 + ^ + ^ 


(1,1,1) 


/o _4 + C"~ 4 • x"~ 4 + X n - 6 X n - 5 + X n - 5 + C „_ 4 + c„_ 3 + C ?l _ 2 + 1 



Table 1: So~ 4 (0 < J < 7 ) corresponding to fa{x n ) + c n ■ x n . 
By Table [l] we have 

0<j<7 

= ((-1) + (-l) c - 2 +l + (-1)^-3+1^ (_ 1 )c„-3+c„- 2 ) . /p^( c n-4) 
+( _ 1)Cn _ 4+ l (1 + (_ 1)C „_ 2) . /r 4(cn-4 } 
+ (_l)c n _ 4 +c„_ 3 +X (1 + (_l)c„_ 2) . /n-4( c n-4 + ^ ^ 





-4 (c „- 


- 4 ) 


if C„_2 


= 1, 


2 g=4 (c „- 4) 


-4(- 


-l) c "-iP(c^) 


*/ C„_2 


= 0,c n _ 3 = 0, 


2ipV- 4 ) 


-4(- 




«/ C„_ 2 


= 0,C„_ 3 = 1. 



So we have 



rll- 

Jo_ 


-\c n - 


- 1 ) 


- 2(-l) c >- 


/o 


" 4 (c"- 


_ 


i/ c„_ 2 


= 1, 


rn- 

JQ_ 




- 1 ) 




- 4 ) 


_ 4 (- 




if C n -2 


= 0, C„_ 3 


rn- 
J0 


-\c n ~ 


- 1 ) 


- 2ip(c" 


- 4 ) 


_ 4 (- 


-l)c„-4+c„-5 /2 ™-5 (c n-5 + e2n _ 6) 


if C„_2 


= 0, C„_3 



(8) 

For the proof of the relation of fg, we list the functions g% j 4 (0 < j < 7) corresponding to 
f^ix 71 ) + c n ■ x n in TableEJ where c n _x = l,a; n _x = 1, j ' = %n-4 + 2%n-3 + 4x„_2- 
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j : (x„_4, X„_ 3 , X n -2) 


■92,7 4 


(0,0,0) 


+ c ™-4 . j.n-4 + : 
J u 1 


(1,0,0) 


/o 1-4 + c"- 4 • a;™- 4 + Xn-eXn-s + c„_ 4 + 1 


(0,1,0) 


+ c „_4 . x «-4 + Cn _ 3 + ! 


(0,0,1) 


+ C"- 4 • X"- 4 + C„_ 2 


(1,1,0) 


/o ~ 4 + C n ~ 4 • X™ -4 + Xn-eXn-5 + X„_ 5 + C„_ 4 + C„_ 3 + 1 


(1,0,1) 


JO + C -X + X„_ 6 X„_ 5 + C„_ 4 + C„_ 2 


(0,1,1) 


/o «-4 + c „-4 . X n-A + ^ + ^ + 1 


(1,1,1) 


/o 1-4 + c"~ 4 ■ x™ -4 + X n _ 6 X„_ 5 + X n -5 + C„_ 4 + Cn-3 + C„-2 



Table 2: S 2 ~ 4 (0 < j < 7) corresponding to / 2 n (x") + c™ • x n . 



Similarly 



/»(c») 

a, 71 ::*:™-!— x n :oi n _i=l (9) 

= jp(c»- 1 ) + E (-i) 9?j4 , 

0<j<7 



And 



E (-i) 92 - 7 

0<J<7 

= ((-1) + (-l) C -3 + (-1)^-3+1 + (_l)C„-3+C„- 2 + l) . ^P 4 (c«-4) 

+ + • iT 4 (^ 4 ) 

+ ( _ 1) c n _ 4+ c n _3((_ 1) + (_!)*.-,) . /p4 (c „-4 + e2 „_ 5) 

_ 2 (_l)c n _3 / n-4 (c n-4 ) if ^ = ^ 

-2^ 4 (c"- 4 ) - 4(-l) c "^^p(c^ 5 ) i/ c„_ 2 = 1 and c„_ 3 = 0, 

-2jp 4 ( C "- 4 ) - 4(-l) c —+ c -=ip 5 (c"- 5 + e 2 »-a) if c„_ 2 = 1 and c„_ 3 = 1- 

(10) 

By ((9|) and (JTOj) , the relation for / 2 follows. 

Similarly, /™(c") = /r _1 (c"" 1 )+ £ (-1) 9 "7 4 , where £ (-1) 3 " 7 4 can be calculated as 

0<j<7 0<j<7 

E (-i) 9rj4 

0<?<7 

-2(-l) c "- 3 /p( C «- 4 ) »/ c_ 2 = 1, 



-2/r V- 4 ) - 4(-l) c — /r V~ 5 ) i/ c„_ 2 = and c„_ 3 = 0, 

f n 



-2/r 4 (c"- 4 ) - 4(-l) c "-*+ c "-=/ 3 "- 5 ( C "- 5 + ex) if c„_ 2 = and c„_ 3 = 1. 



(11) 

Similarly again, fg(c n ) = /""^c"- 1 + ex) + E (-1) 9? ' J< \ wh ere £ (-l) 93 " j4 can be 

0<j<7 0<j<7 

calculated as 

E (-1) 93 " 74 

2(_l)o„_ 3 y«-4( c «-4 + ei) z/ Cn _ 2 = 0, 

2/P(c"- 4 + ei) + 4(-l) c "^/p(c^ 5 + ex) if c„_ 2 = 1 and c„_ 3 - 0, 
2/P(c"- 4 + e x ) + 4(-l) c — + c "-=^P 5 (c"- 5 ) i/ c„_ 2 = 1 and c„_ 3 = 1. 

(12) 
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Cusick and Stanica[T] have proved that wt(Fg(x)) = 2(wt(F^- 2 (x)) + wt(F^~ 3 (x))) + 2 n - 3 , 
i.e. Ff(0) = 2(f 3 "~ 2 (0) +F™~ 3 (0)) (in fact it could also be verified by Lemma O and Lemma 
I2.2p . The following Lemma gives more relations about F£(0). 

Lemma 2.3 F^(0) satisfies the following relationships: 

F}(0) = fpfy) + 2Ff~ i (0) + 4Fp*(0) n > 8, 



Fr\0) <^(0) <2^ 3 "- 1 (0), n>7. 



(13) 



Proof. For the first equation, by the recurrence relation F n (0) = 2(F n 2 (0) + F n 3 (0)) , we 
have for all n > 8, 

^)=2(iP!(o)+5r!(o)), 

fp r (0)=2(Pp 5 (0)+*p*(0)), (14) 
2Kp(0) = 4(F 3 »- 4 (0) + ft)), 
Calculating "i/ie first equation — the second equation + the third equation" , we obtain 

£»(0) = Jpfy) + 2Pp*(0) + 4fp*(0). 



n = 3 


n — 4 


rt = 5 


rt = 6 


n = 7 


71 = 8 


n = 9 


77 = 10 


6 


8 


20 


28 


56 


96 


168 


304 



Table 3: The values of F™(0). 



It is obvious F™- x (0) < F"(0) for all n > 4. For the proof of F n (0) < 2F™- 1 (0), we show 
it by induction. From Table [31 it is true for n < 7. Assume it is true for all n < s, n, s > 7, we 
prove it for the case s + 1. Since 



^3 _1 (0) < 2L 3 S ~ 2 (0), (by assumption) 

F°~ 2 (0) < 2F°~ 3 (0), (by assumption) 

%)) =2(^r 2 (o)+^p 3 (o)), 

Fi +1 (0) = 2(*p(0) + iT 2 (0)), 



(15) 

2/n\ i Z7"S— 3/"~* 



It follows from the above relationships that 

fp(0) < 2^(0). 



Lemma 2.4 Lei c" = (cq, • • • , c„_i) G F£. if Ci = 1, iften 

|^(c")|<i.fp(0),(0<i<3,»>9). 

Proof. We prove it by induction. Firstly with the help of computer, we verify that for all n €E 
[3,9], c n ^ 0, \ Jf(c n )\ < \ ■ ^ 3 ™ +2 (0), (0 < i < 3). (For example, see Tablelfor the case n = 6. 

In this case F™ +2 (0) = Ff(0) = 96, and we see that \ff(c 6 )\ < \ ■ Ff(Q) = 24, (0 < i < 3)). 
Assume the claim is true for all n < s, where 77 > 9, s > 10, we now prove it is true for s. 
Since c\ = 1, we have c™, c™ -1 , c™~ 2 , c™~ 3 , c"~ 4 , c™ -5 are all not zero vectors. 
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(C\ 98 98 41 


(~\ 4 1 9 4 1 91 

[1, 4, 1Z, 4, 1ZJ 


(9 19 90 4 —41 

\ A 1 1Z 3 ZU 3 *3 *J 


f"i —4 —19 —4 41 

1^0, 4, 1Z, 4,4J 


(A 19 __4 90 4.1 
(t, 1Z, ZU, 4 J 


—4 19 —4 —41 
\°3 *3 lz 3 ^3 ^) 


((\ — 19 4 —4 —41 

l°3 1Z 3 y: 3 ^3 


f7 4 —1 9 4 41 

^(,4, lZ,4,4j 


(8 19 90 —4 4 s ! 

V 3 3 3 1/ 


^0 19 4 4 191 

\ y 3 1Z 3 *3 ^3 1Z j 


("10 4 —4 4 —41 

V 3 3 3 3 / 


(11 —19 —4 —4 41 


no 4 —19 —19 41 

V 3 1 3 ^~ 3 / 


I'm —19 4 —4 —41 

1^10, 1Z,4, 4, 4 J 


(\A —4 19 —4 —41 

V 3 3 3 3 / 


("1 r i 19 —4 4 41 

l id ! 1Z 3 *3 ^3 *J 


flfi 19 4 90 —41 
v 10, 1Z, 4, zu, 4j 


fl 7 —4 4 —4 —1 91 

' 3 ^3*3 *3 1Z J 


("18 4 19 19 41 

[ L0 7 4, 1Z, 1Z, 4 J 


/1Q 4 —4 4 —41 
t^iy,4, 4,4, 4 J 


^90 4 4 —4 —41 

^ZU,4,4, 4, 4 J 


/'oi 4 4 4 41 

l Zi > ^3 ^3 ^3 ^) 


f99 —4 —4 —19 41 

t^ZZ, 4, 4, 1Z,4J 


(93 —4 —4 —4 —41 

yZO, 4, 4, 4, 4J 


(OA 19 4 4 41 
V Z4, 1Z, 4,4, 4 J 


(0^ 4 4 19 1 91 
(,ZD,4, — 4, 1Z, 1ZJ 


(OP, A 19 4 41 
(^ZO, 4, 1Z, 4,4J 


(97 4 4 19 41 
(41, 4,4, 1Z, 4J 


f98 —4 —4 19 —41 

v ZO, 4, 4, 1Z, 4 J 


f9Q _4 _4 —19 41 
t^zy, 4, 4, 1Z,4J 


f^O 4 4 4 41 

[OU, 4, 4, 4, 4 J 


(31 4 4 19 —41 

W 1 ! ^3 ^3 1Z , 4j 


(^9 4 4 1 9 1 91 
v OZ, 4, 4, 1Z, 1ZJ 


4 4 4 901 

^OO, 4, 4, 4, ZU 1 


^4 4 4 4 1 91 
—4, —4, 4, — 1ZJ 


("? r i 4 4 4 191 
[60, 4, 4, 4, 1Z) 


f'^fi 1 9 4 4 1 91 

\°°3 iZ J ^3 ^3 1Z J 


fQ7 _4 4 —4 41 

k° ' 3 ^3 ^3 ^3 


f38 4 1 9 —4 —1 9"l 

l^OO, 4, 1Z, 4, 1ZJ 


(39 4 —4 4 1 9"! 

l oy 3 ^3 ^3 ^3 iz J 


(40,-4,-4,12,-4) 


(41,-4,-4,4,4) 


(42,4,4,4,4) 


(43,4,4,-4,-4) 


(44,-12,-4,4,-4) 


(45,4,-4,-4,-12) 


(46,-4,-12,-4,4) 


(47,-4,4,4,-4) 


(48,-4,-4,-12,4) 


(49,-4,-4,-4,12) 


(50,4,4,-4,-4) 


(51,4,4,4,20) 


(52,-12,-4,-4,4) 


(53,4,-4,4,-4) 


(54,-4,-12,4,-4) 


(55,-4,4,-4,-12) 


(56,4,4,-12,4) 


(57,4,4,-4,12) 


(58,-4,-4,-4,-4) 


(59,-4,-4,4,-12) 


(60,12,4,-4,4) 


(61,-4,4,4,-4) 


(62,4,12,4,-4) 


(63,4,-4,-4,20) 



Table 4: (c, /g (c), /f (c), /f (c), /| (c)), where c = (co, •■• , C5) G F| is represented by its corre- 
sponding integer number ^ c{l % . 

0<i<5 



If c n _i = 0, then by Lemma |2. II and Lemma 12.31 we have 



< 



< 



2(/o" 2 (c s - 2 ) + (-l) c - 2 -/o^(c s - 3 )) 



2(/o~V- 2 ) 
[•(2^(0)4 
|-F|+ 2 (0). 



s-l 



iTV" 3 )) 

(0))) 



Similarly, the case for |/™(c™)| < | • F"+ 2 (0), (i — 1,2) can be proven. 
For the case i = 3, we have 



/ 3 V) 



= 2(-i)°-» . /;- 3 (c- 3 + 

= 2 ■ /p(c s - 3 + ei) 
< \ ■ 2F^\0) 
<i.(jtfp(0) + 2F|(0)) 
= ±-F? +2 (0). 



(16) 



(17) 



If c„_i = 1, we prove the case i = 0, 2, and leave the proof for the case to the reader 

since the recurrence forms are similar. By Lemma 12.21 , for i = 0, 2, 



/f(c«) 


rn- 




-!)±2 






or 


rn- 

— Jo 


ri (c n - 


-!)±2 


rn- 

3~ 


r v 


or 


rn- 

— Jo 




-!)±2 


£71- 

Jo 





i ))±4-/r 5 ( C "- 5 ) 



(18) 



f n — 5 / 



+ e 2 n-e). 
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We prove the inequality for the first case and the second case, while the third case is similar. 
If Jf(c n ) = fo' 1 ^ 1 - 1 ) ± 2 • Jo ~ 4 (c™- 4 )), then by LemmaUand induction, 



< 



fl-V" 1 ) +2 /TV" 4 ) 



<|-(i^ 1 (0) + 2 J FT 2 (0)) 
<i-(2i|(0) + 2^p 1 (0)) 
= |-^T 2 (0). 



(19) 



When /™(c") = /£ -1 (c" _1 ) ± 2 ' /o ~ 4 ( c "~ 4 )) ± 4 ' •/?~ 5 ( c "~ 5 )> thcn b y Lemma 
induction again, 

< I ' (Jp X (0) + 2^ s - 2 (0) + 4F 3 s - 3 (0)) 

= i-^r 2 (o). 



and 



(20) 



Theorem 2.5 For all e™ = (xo, ■ • • , x n ~i) ^ and all n > 3, 

if (c")| <if(0). 

Proof. For the few cases n < 10, we have the correctness by the computer's computation 
results. Now assume n > 10. 

Since c" ^ 0, by Lemma [131 -F 3 "(a;o, • • • ,a;„_i) = ^(xj, • • • ,a; n _j_i) for all j e [0,n - 1]. 
Thus we assume ci = 1. By Lemma [2^41 we have 

./Pv- 2 ) + (-ly-i ■ Jr 2 (c n - 2 ) + c-ir- 1 • /rv- 2 ) + (-iy«-*+^ . 7r v~ 2 ) 
./Pv- 2 ) + /rv- 2 ) + iP 2 (c- 2 ) + iP 2 (c- 2 ) 



< 



< I ' (^f(O) + if (0) + i^(0) + F 3 "(0)) 
= F 3 «(0). 



3 Conclusion 

In this paper we prove the conjecture proposed in pQ, i.e. the nonlinearity of F^(xq, • • ■ , x n -\) 

is the same as its weight. Recently Cusick remarked that computer's results imply that the 

Conjecture may be extended to RSBF with SANF XoX a Xb(b > a > 0) in the case of odd 

n. However it seems difficult to prove that. It is interesting to note that it has been proved 

in [7] that the nonlinearity of F^ixo,--- ,x„_i) = x iX i+s ^ mot i „) is the same as its 

0<i<n-i 

weight if gerf "„ s ) is even. These properties show that rotation symmetric Boolean functions 
have nice cryptographic applications. Whether higher degree RSBFs have these properties is 
an interesting topic for further research. 
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